An Improved Anonymous Multi-Server Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

被引：49

作者：

Lin, Hao ^{[1
]}

Wen, Fengtong ^{[1
]}

Du, Chunxia ^{[1
]}

机构：

[1] Univ Jinan, Sch Math Sci, Jinan 250022, Peoples R China

来源：

WIRELESS PERSONAL COMMUNICATIONS | 2015年 / 84卷 / 04期

关键词：

Multi-server; Authentication; Biometrics; User anonymity; SECURITY; EFFICIENT;

D O I：

10.1007/s11277-015-2708-4

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Recently, Chuang et al. proposed a multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. They claimed that their scheme can resist replay attacks, modification attack, off-line password guessing attack and insider attack. However, we demonstrated that their scheme is vulnerable to servers spoofing attack and cannot protect the user's anonymity and the session key, even if the adversary only knows the information transmitting in the public channel. Furthermore, their scheme cannot resist user impersonation attack if the smart cards is stolen. To overcome these problems, we proposed a robust anonymous multi-server authenticated key agreement scheme. We show that our proposed scheme can provide stronger security than previous protocols and protect the user anonymity.

引用

页码：2351 / 2362

页数：12

共 21 条

[1] An enhanced remote user authentication scheme using smart cards [J].

Awasthi, AK ;

Lal, S .

IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, 2004, 50 (02) :583-586

[2] An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics [J].

Chuang, Ming-Chin ;

Chen, Meng Chang .

EXPERT SYSTEMS WITH APPLICATIONS, 2014, 41 (04) :1411-1418

[3] Analysis and Improvement of a Robust Smart Card Based-Authentication Scheme for Multi-Server Architecture [J].

Guo, Dianli ;

Wen, Fengtong .

WIRELESS PERSONAL COMMUNICATIONS, 2014, 78 (01) :475-490

[4] Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment [J].

Hsiang, Han-Cheng ;

Shih, Wei-Kuan .

COMPUTER STANDARDS & INTERFACES, 2009, 31 (06) :1118-1123

[5]

Hyun-Sung kim, 2003, Operating Systems Review, V37, P32, DOI 10.1145/958965.958969

[6] Improving the security of 'a flexible biometrics remote user authentication scheme' [J].

Khan, Muhammad Khurram ;

Zhang, Jiashu .

COMPUTER STANDARDS & INTERFACES, 2007, 29 (01) :82-85

[7] Fingerprint Biometric-based Self-Authentication and Deniable Authentication Schemes for the Electronic World [J].

Khan, Muhammad Khurram .

IETE TECHNICAL REVIEW, 2009, 26 (03) :191-195

[8]

Kocher P., 1999, Advances in Cryptology - CRYPTO'99. 19th Annual International Cryptology Conference. Proceedings, P388

[9] PASSWORD AUTHENTICATION WITH INSECURE COMMUNICATION [J].

LAMPORT, L .

COMMUNICATIONS OF THE ACM, 1981, 24 (11) :770-772

[10] A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards [J].

Lee, Cheng-Chi ;

Lin, Tsung-Hung ;

Chang, Rui-Xiang .

EXPERT SYSTEMS WITH APPLICATIONS, 2011, 38 (11) :13863-13870

← 1 2 3 →